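<?php

/*
 * Login / logout endpoint.
 *
 * - Session already authenticated AND an `action` query parameter present:
 *   the session is terminated and a "logged out" page with a countdown
 *   redirect to ./index.html is rendered.
 * - Otherwise: the POSTed `user` / `pass` pair is checked against the
 *   `and_user` table. On success the user name is stored in
 *   $_SESSION['user'] and a welcome page redirecting to ../index.php is
 *   rendered; on failure an error page that goes back in history is rendered.
 *   When either field is missing the request is sent to ../../401.php.
 */

session_start();

if (isset($_SESSION['user']) && isset($_GET['action'])) {
    // NOTE(review): logout is triggered by any GET request carrying `action`,
    // so a third-party page can end the session. Consider requiring POST plus
    // an anti-CSRF token.

    // Clear the server-side data and expire the cookie as well, so the old
    // session identifier is not left behind in the browser.
    $_SESSION = array();
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }
    session_destroy();

    echo "<link rel=\"stylesheet\" href=\"../css/screen.css\" media=\"screen\" />";
    echo "<br /><br /><h1 style=\"font-family: 'PT Sans Narrow'\"><b style=\"color: yellowgreen;\"> Vous &ecirc;tes d&eacute;connect&eacute;</b></h1><h4>Redirection vers la page d'authentification dans <b><span id='compteur' class='compteur'>";
            ?>

            <script language='javascript'>

                function timestamp(t)
                {
                    document.getElementById("compteur").innerHTML=(t/1000);
                    t-=1000;
                    if(t==0) {
                        self.location="./index.html";
                        return; // stop counting once the redirect has been requested
                    }

                    // Function callback instead of a string, which would be eval'd.
                    setTimeout(function () { timestamp(t); }, 1000);
                }
                // The counter span is already in the DOM, so start right away.
                timestamp(2000);
            </script>
            <?php

            echo "</span></b> secondes</h4><img src='images/superdroid.png' /></div><div class='bas' id='bas'></div>";

} else {


    require '../includes/db.php';
    include '../includes/functions.php';

    // Both fields are required and must be plain strings (a field submitted
    // as `user[]=` arrives as an array and must not reach the query).
    if (!isset($_POST['user']) || !isset($_POST['pass'])
        || !is_string($_POST['user']) || !is_string($_POST['pass'])) {
        redirect_to("../../401.php");
    } else {

        $user = $_POST['user'];
        $pass = $_POST['pass'];

        $mysqli = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME);

        if ($mysqli->connect_errno) {
            // Keep driver details in the server log; never show them to the
            // client, and do not carry on with a dead connection.
            error_log("Failed to connect to MySQL with MySQLI: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error);
            die('Failed to connect to MySQL');
        }

        // Bound parameters: request data is never concatenated into the SQL text.
        // NOTE(review): the submitted password is compared directly with the
        // `pass` column, which suggests passwords are stored unhashed - confirm,
        // and migrate to password_hash() / password_verify().
        $stmt = $mysqli->prepare("select user from and_user where user = ? and pass = ?");
        if (!$stmt) {
            die('Problem preparing query');
        }
        $stmt->bind_param('ss', $user, $pass);
        if (!$stmt->execute()) {
            die('Problem preparing query');
        }
        $stmt->bind_result($dbUser);
        $found = $stmt->fetch();
        $stmt->close();

        // Strict comparison on a row that was actually fetched: a failed
        // lookup must never count as a match for the submitted name.
        $authenticated = ($found === true && (string) $dbUser === $user);

        if ($authenticated) {
            // Issue a fresh session id on privilege change (session fixation).
            // Done before any output so the new cookie header can be sent.
            session_regenerate_id(true);
            $_SESSION['user'] = $user;
        }

        echo "<link rel=\"stylesheet\" href=\"../css/screen.css\" media=\"screen\" />";

        if ($authenticated) {

            // The user name comes from the request: escape it for the HTML context.
            echo "<br /><br /><h1 style=\"font-family: 'PT Sans Narrow'\">Bonjour <b style=\"color: yellowgreen;\">" . htmlspecialchars(strtoupper($user), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</b></h1><h4>Redirection vers la page d'administration dans <b><span id='compteur' class='compteur'>";
            ?>

            <script language='javascript'>

                function timestamp(t)
                {
                    document.getElementById("compteur").innerHTML=(t/1000);
                    t-=1000;
                    if(t==0) {
                        self.location="../index.php";
                        return; // stop counting once the redirect has been requested
                    }

                    // Function callback instead of a string, which would be eval'd.
                    setTimeout(function () { timestamp(t); }, 1000);
                }
                // The counter span is already in the DOM, so start right away.
                timestamp(2000);
            </script>
            <?php

            echo "</span></b> secondes</h4><img src='images/superdroid.png' /></div><div class='bas' id='bas'></div>";
        } else {

            // Same message whether the name or the password was wrong, so the
            // page does not reveal which accounts exist.
            echo "<br /><br /><h1><b style=\"color: rgb(230, 0, 17);\">Erreur Login ou mot de passe</b></h1><h3>Redirection vers la page d'authentification dans <b><span id='compteur' class='compteur'>";
            ?>

            <script language='javascript'>

                function timestamp(t)
                {
                    document.getElementById("compteur").innerHTML=(t/1000);
                    t-=1000;
                    if(t==0) {
                        history.back();
                        return; // stop counting once the redirect has been requested
                    }

                    // Function callback instead of a string, which would be eval'd.
                    setTimeout(function () { timestamp(t); }, 1000);
                }
                // The counter span is already in the DOM, so start right away.
                timestamp(2000);
            </script>
            <?php

            echo "</span></b> secondes</h3><img src='images/superdroid.png' /></div><div class='bas' id='bas'></div>";
        }

        $mysqli->close();
    }
}
?>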
